CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Leonardo Taccari" <leot%netbsd.org@localhost>
Date: Wed, 15 Oct 2025 11:58:39 +0000

Module Name:    pkgsrc
Committed By:   leot
Date:           Wed Oct 15 11:58:39 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
pkg-vulnerabilities: add old grub2 CVEs

+ grub2 (CVE-2024-56737 not fixed, all other fixed upstream and will be
  available in the next release, I have put 2.13 but possibly it can be a minor
  dot too (e.g. 2.12.x))


To generate a diff of this commit:
cvs rdiff -u -r1.619 -r1.620 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.619 pkgsrc/doc/pkg-vulnerabilities:1.620
--- pkgsrc/doc/pkg-vulnerabilities:1.619        Wed Oct 15 11:05:07 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Wed Oct 15 11:58:39 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.619 2025/10/15 11:05:07 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.620 2025/10/15 11:58:39 leot Exp $
 #
 #FORMAT 1.0.0
 #
@@ -28609,3 +28609,27 @@ GraphicsMagick<1.3.46  denial-of-service       
 GraphicsMagick<1.3.46  out-of-bounds-read      https://nvd.nist.gov/vuln/detail/CVE-2025-27796
 grpc<1.68.0    denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2024-11407
 grpc<1.65.4    information-disclosure  https://nvd.nist.gov/vuln/detail/CVE-2024-7246
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45774
+grub2<2.13     denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2024-45775
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45776
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45777
+grub2<2.13     integer-overflow        https://nvd.nist.gov/vuln/detail/CVE-2024-45778
+grub2<2.13     integer-overflow        https://nvd.nist.gov/vuln/detail/CVE-2024-45779
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45780
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45781
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2024-45782
+grub2<2.13     denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2024-45783
+grub2-[0-9]*   heap-overflow           https://nvd.nist.gov/vuln/detail/CVE-2024-56737
+grub2<2.13     timing-side-channel     https://nvd.nist.gov/vuln/detail/CVE-2024-56738
+grub2<2.13     use-after-free          https://nvd.nist.gov/vuln/detail/CVE-2025-0622
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-0624
+grub2<2.13     integer-overflow        https://nvd.nist.gov/vuln/detail/CVE-2025-0677
+grub2<2.13     integer-overflow        https://nvd.nist.gov/vuln/detail/CVE-2025-0678
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-0684
+grub2<2.13     integer-overflow        https://nvd.nist.gov/vuln/detail/CVE-2025-0685
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-0686
+grub2<2.13     buffer-overflow         https://nvd.nist.gov/vuln/detail/CVE-2025-0689
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-0690
+grub2<2.13     sensitive-information-disclosure        https://nvd.nist.gov/vuln/detail/CVE-2025-1118
+grub2<2.13     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-1125
+grub2<2.13     security-bypass         https://nvd.nist.gov/vuln/detail/CVE-2025-4382

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/net/tor
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/net/tor
Indexes:

Home | Main Index | Thread Index | Old Index